DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's arguments filed 4/13/26 have been fully considered but they are not persuasive.
The applicant argues “…First, there is no "application function (AF)" involved in
the process shown in Lee Figure 25 and described above. To the extent that the Examiner is interpreting Lee's "AAF" as the claimed "application function (AF)", this is contrary to Lee [0067]-[0069] and Figure 3 repeated below: Referring to FIG. 3, the structure for authentication and authorization includes a UE 310, an application authentication and authorization function (AAF) 320, an application function (AF) 330…In other words, Lee clearly discloses that the AF and the AAF are different network entities with different functionality. Lee's AF shown in Figure 3 has similar functionality as the claimed "application function (AF)" described at Appl. 11:10-16; Lee's AAF does not. As such, interpreting Lee's AAF as the claimed "application function (AF)" is overly broad and improper. ” See page 15 of applicant’s remarks. The examiner respectfully disagrees.
Application Authentication and Authorization Function (AAF) is an application function (AF) just more specific to authentication and authorization which is further inline with applicant’s invention and claims. Although, the applicant mentions Figure 3 for showing AF and AAF as two different network entities, Lee discloses the AF 330 may perform a function of a general application server for verification of a token transmitted from the UE. For example, the AF 330 may perform functions corresponding to the functions of a resource server of RFC 6750 in paragraph [0070]. This is very vague and generic. It is the AAF shown in Figure 25 as the AF that carries out the steps as required in the claims.
The applicant argues “Second, even if Lee's AAF could be considered the claimed "application function (AF)", Lee's AAF does not send a "key request [that] includes a request for a first identifier of the UE."…” See page 16 of applicant’s remarks. The examiner respectfully disagrees.
According to Lee, In step 2512, the AAF 2526 transmits an AKMA key derivation request (i.e., key request) message to the 5GC 2525. The AKMA key derivation request message may include information on at least one of a GPSI and an AKMA key ID. In step 2512, the AAF 2526 transmits an AKMA key derivation request message to the 5GC 2525. In step 2513, the 5GC 2525 transmits an AKMA key derivation response message to the AAF 2526. The AKMA key derivation response message may include information on at least one of an EEC ID, a GPSI, a PLMN ID, a CN-type, and an AF key. See paragraphs [0239]-[0240]. The AKMA key derivation response message may include information on a GPSI and the AKMA key derivation request message may include information on at least one of a GPSI therefore, it can be considered as the key request includes a request for a first identifier of the UE due to the AKMA key derivation response message including information on a GPSI.
In conclusion, the rejection is maintained and set forth below.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1-17, 21, 25, 41-45, 48-49 and 51-52 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Lee et al. (Lee), U.S. Publication No. 2020/0359218.
Regarding Claim 1, Lee discloses a method performed by an application
function (AF) (i.e., AAF 2526; see figure 25) associated with a communication network, the method comprising:
sending, to a network function (NF) (i.e., 5GC 2525; see figure 25) of the communication network, a key request for a security key (KAF) associated with an application session between the AF and a user equipment (UE) (i.e., step 2512, the AAF 2526 transmits an AKMA key derivation request message to the 5GC 2525.; see paragraph [0239]), wherein the key request includes a request for a first identifier of the UE (i.e., The AKMA key derivation request message may include information on at least one of a GPSI and an AKMA key ID; see paragraph [0239]);
receiving, from the NF, a response that includes the security key (KAF) and the first identifier (i.e., step 2513, the 5GC 2525 transmits an AKMA key derivation response message to the AAF 2526. The AKMA key derivation response message may include information on at least one of an EEC ID, a GPSI, a PLMN ID, a CN-type, and an AF key. The 5GC 2525 derives an AKMA key from an AKMA key ID, an ECSP identifier, a GPSI, and an AUSF key corresponding to a subscriber using information indicating an ECSP identifier, an EEC ID, and the like, as parameters. In step 2513, the 5GC 2525 transmits the derived AKMA key to the AAF 2526; see paragraph [0240]); and
authenticating the UE for the application session based on the response (i.e., step 2514, the AAF 2526 performs verification. The AAF 2425 receiving the AKMA key from the 5GC 2525 network verifies the AKMA authentication code received in step 2510; see paragraph [0241]).
Regarding Claim 2, Lee discloses further comprising receiving, from the UE, an
establishment request for the application session (steps 2507, 2510; see figure 25).
Regarding Claim 3, Lee discloses wherein the establishment request and the
key request include an identifier (A-KID) of a security key (KAKMA) associated with the UE (steps 2510, 2512; see figure 25).
Regarding Claim 4, Lee discloses wherein the key request includes an identifier
of the AF (see paragraph [0238]).
Regarding Claim 5, Lee discloses wherein: the AF is part of the communication
network (see figure 3); and the key request is sent to and the response received from an anchor function for authentication and key management for applications (AAnF) in the communication network (see paragraph [0238]).
Regarding Claim 6, Lee discloses wherein: the AF is outside of the
communication network (see figure 1); and the key request is sent to and the response received from a network exposure function (NEF) in the communication network (see paragraphs [0060] and [0242]).
Regarding Claim 7, Lee discloses a method performed by a network exposure function (NEF) (i.e., NEF included in 5G RAN; see paragraph [0060]) of a communication network, the method comprising:
receiving, from an application function (AF) outside of the communication network (shown in figure 1), a key request for a security key (KAF) associated with an application session between the AF and a user equipment (UE) (i.e., step 2512, the AAF 2526 transmits an AKMA key derivation request message to the 5GC 2525.; see paragraph [0239]), wherein the key request includes a request for a first identifier of the UE (i.e., The AKMA key derivation request message may include information on at least one of a GPSI and an AKMA key ID; see paragraph [0239]); and
sending, to the AF, a response that includes the security key (KAF) and the first identifier (i.e., step 2513, the 5GC 2525 transmits an AKMA key derivation response message to the AAF 2526. The AKMA key derivation response message may include information on at least one of an EEC ID, a GPSI, a PLMN ID, a CN-type, and an AF key. The 5GC 2525 derives an AKMA key from an AKMA key ID, an ECSP identifier, a GPSI, and an AUSF key corresponding to a subscriber using information indicating an ECSP identifier, an EEC ID, and the like, as parameters. In step 2513, the 5GC 2525 transmits the derived AKMA key to the AAF 2526; see paragraph [0240]).
Regarding Claim 8, Lee discloses further comprising determining whether the first identifier of the UE is stored locally at the NEF (see paragraph [0129]).
Regarding Claim 9, Lee discloses wherein the key request includes an identifier (A-KID) of a security key (KAKMA) associated with the UE (see paragraph [0239]).
Regarding Claim 10, Lee discloses a method performed by an anchor function for authentication and key management for applications (AAnF) (i.e., step 2511, the AAF 2526 discovers a SGNF (i.e., an AAnF address) serving as the AKMA key ID. The AAF 2526 discovers an NEF or AAnF address of the 5GC 2525 network; see paragraph [0238]) in a communication network, the method comprising:
receiving a key request for a security key (KAF) associated with an application session between an application function (AF) and a user equipment (UE) (i.e., step 2512, the AAF 2526 transmits an AKMA key derivation request message to the 5GC 2525.; see paragraph [0239]), wherein the key request includes a request for a first identifier of the UE (i.e., The AKMA key derivation request message may include information on at least one of a GPSI and an AKMA key ID; see paragraph [0239]); and
sending a response that includes the security key (KAF) and the first identifier (i.e., step 2513, the 5GC 2525 transmits an AKMA key derivation response message to the AAF 2526. The AKMA key derivation response message may include information on at least one of an EEC ID, a GPSI, a PLMN ID, a CN-type, and an AF key. The 5GC 2525 derives an AKMA key from an AKMA key ID, an ECSP identifier, a GPSI, and an AUSF key corresponding to a subscriber using information indicating an ECSP identifier, an EEC ID, and the like, as parameters. In step 2513, the 5GC 2525 transmits the derived AKMA key to the AAF 2526; see paragraph [0240]).
Regarding Claim 11, Lee discloses wherein the first identifier is a generic public subscription identifier (GPSI) or a subscription permanent identifier (SUPI) (see paragraph [0088]).
Regarding Claim 12, Lee discloses wherein: the method further comprises, in response to the request for the first identifier in the key request, determining whether the first identifier is available to the AF; and sending a response code to the AF indicating whether the first identifier is available to the AF (see paragraphs [0168]-[0169]).
Regarding Claim 13, Lee discloses wherein: the key request includes an identifier (A-KID) of a security key (KAKMA) associated with the UE (see paragraph [0239]); and the method further comprises, based on the identifier (A-KID), deriving the security key (KAF) associated with the application session from the security key (KAKMA) associated with the UE (see paragraph [0240]).
Regarding Claim 14, Lee discloses wherein the key request includes an identifier of the AF (see paragraph [0238]).
Regarding Claim 15, Lee discloses wherein: the application function (AF) is outside of the communication network (see figure 1); and the key request is received from and the response sent to a network exposure function (NEF) in the communication network (see paragraphs [0060] and [0242]).
Regarding Claim 16, Lee discloses wherein the key request is received from and the response sent to the AF, which is in the communication network (steps 2512, 2513; see figure 25).
Regarding Claim 17, Lee discloses network equipment configured to implement an application function (AF) (i.e., AAF 2526; see figure 25 and paragraph [0082]) associated with a communication network, the network equipment comprising interface circuitry and processing circuitry that are operably coupled and are configured to:
send, to a network function (NF) (i.e., 5GC 2525; see figure 25) of the communication network, a key request for a security key (KAF) associated with an application session between the AF and a user equipment (UE) (i.e., step 2512, the AAF 2526 transmits an AKMA key derivation request message to the 5GC 2525.; see paragraph [0239]), wherein the key request includes a request for a first identifier of the UE (i.e., The AKMA key derivation request message may include information on at least one of a GPSI and an AKMA key ID; see paragraph [0239]);
receive, from the NF, a response that includes the security key (KAF) and the first identifier (i.e., step 2513, the 5GC 2525 transmits an AKMA key derivation response message to the AAF 2526. The AKMA key derivation response message may include information on at least one of an EEC ID, a GPSI, a PLMN ID, a CN-type, and an AF key. The 5GC 2525 derives an AKMA key from an AKMA key ID, an ECSP identifier, a GPSI, and an AUSF key corresponding to a subscriber using information indicating an ECSP identifier, an EEC ID, and the like, as parameters. In step 2513, the 5GC 2525 transmits the derived AKMA key to the AAF 2526; see paragraph [0240]); and
authenticate the UE for the application session based on the response (i.e., step 2514, the AAF 2526 performs verification. The AAF 2425 receiving the AKMA key from the 5GC 2525 network verifies the AKMA authentication code received in step 2510; see paragraph [0241]).
Regarding Claim 21, Lee discloses a network equipment configured to implement a network exposure function (NEF) (i.e., NEF included in 5G RAN; see paragraph [0060]. Paragraph [0082] disclose FIG. 5 illustrates the configuration of a server in a wireless communication system) of a communication network, the network equipment comprising interface circuitry and processing circuitry that are operably coupled and are configured to:
receive, from an application function (AF) outside of the communication network (shown in figure 1), a key request for a security key (KAF) associated with an application session between the AF and a user equipment (UE) (i.e., step 2512, the AAF 2526 transmits an AKMA key derivation request message to the 5GC 2525.; see paragraph [0239]), wherein the key request includes a request for a first identifier of the UE (i.e., The AKMA key derivation request message may include information on at least one of a GPSI and an AKMA key ID; see paragraph [0239]);
send, to the AF, a response that includes the security key (KAF) and the first identifier (i.e., step 2513, the 5GC 2525 transmits an AKMA key derivation response message to the AAF 2526. The AKMA key derivation response message may include information on at least one of an EEC ID, a GPSI, a PLMN ID, a CN-type, and an AF key. The 5GC 2525 derives an AKMA key from an AKMA key ID, an ECSP identifier, a GPSI, and an AUSF key corresponding to a subscriber using information indicating an ECSP identifier, an EEC ID, and the like, as parameters. In step 2513, the 5GC 2525 transmits the derived AKMA key to the AAF 2526; see paragraph [0240]).
Regarding Claim 25, Lee discloses network equipment configured to implement an anchor function for authentication and key management for applications (AAnF) (i.e., step 2511, the AAF 2526 discovers a SGNF (i.e., an AAnF address) serving as the AKMA key ID. The AAF 2526 discovers an NEF or AAnF address of the 5GC 2525 network; see paragraph [0238]. Paragraph [0082] disclose the configuration shown in FIG. 5 may be understood as the configuration of a device having function of at least one of the AAF 320) in a communication network, the network equipment comprising interface circuitry and processing circuitry that are operably coupled and are configured to:
receiving a key request for a security key (KAF) associated with an application session between an application function (AF) and a user equipment (UE) (i.e., step 2512, the AAF 2526 transmits an AKMA key derivation request message to the 5GC 2525.; see paragraph [0239]), wherein the key request includes a request for a first identifier of the UE (i.e., The AKMA key derivation request message may include information on at least one of a GPSI and an AKMA key ID; see paragraph [0239]); and
sending a response that includes the security key (KAF) and the first identifier (i.e., step 2513, the 5GC 2525 transmits an AKMA key derivation response message to the AAF 2526. The AKMA key derivation response message may include information on at least one of an EEC ID, a GPSI, a PLMN ID, a CN-type, and an AF key. The 5GC 2525 derives an AKMA key from an AKMA key ID, an ECSP identifier, a GPSI, and an AUSF key corresponding to a subscriber using information indicating an ECSP identifier, an EEC ID, and the like, as parameters. In step 2513, the 5GC 2525 transmits the derived AKMA key to the AAF 2526; see paragraph [0240]).
Regarding Claim 41, Lee discloses wherein the processing circuitry and the interface circuitry are further configured to receive, from the UE, an establishment request for the application session (steps 2507, 2510; see figure 25).
Regarding Claim 42, Lee discloses wherein the establishment request and the key request include an identifier (A-KID) of a security key (KAKMA) associated with the UE (steps 2510, 2512; see figure 25).
Regarding Claim 43, Lee discloses wherein the key request includes an identifier of the AF (see paragraph [0238]).
Regarding Claim 44, Lee discloses wherein one of the following applies: the AF is part of the communication network (see figure 3) and the NF is an anchor function for authentication and key management for applications (AAnF) (see paragraph [0238]).; or the AF is outside of the communication network and the NF is a network exposure function (NEF).
Regarding Claim 45, Lee discloses wherein the processing circuitry and the interface circuitry are further configured to determine whether the first identifier of the UE is stored locally at the NEF (see paragraph [0129]).
Regarding Claim 48, Lee discloses wherein the key request includes an identifier (A-KID) of a security key (KAKMA) associated with the UE (see paragraph [0239]).
Regarding Claim 49, Lee discloses wherein one or more of the following applies: the first identifier is a generic public subscription identifier (GPSI) or a subscription permanent identifier (SUPI) (see paragraph [0088]); and the key request includes an identifier of the AF.
Regarding Claim 51, Lee discloses wherein: the key request includes an identifier (A-KID) of a security key (KAKMA) associated with the UE (see paragraph [0239]); and the processing circuitry and the interface circuitry are further configured to, based on the identifier (A-KID), derive the security key (KAF) associated with the application session from the security key (KAKMA) associated with the UE (see paragraph [0240]).
Regarding Claim 52, Lee discloses wherein one of the following applies: the AF is outside of the communication network (see figure 1), and the key request is received from and the response sent to a network exposure function (NEF) in the communication network (see paragraphs [0060] and [0242]); or the key request is received from and the response sent to the AF, which is in the communication network.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 46-47 and 50 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee in view of Guo et al. (Guo), U.S. Publication No. 2022/0278835.
Regarding Claim 46, Lee discloses the network equipment as described above.
Lee fails to disclose wherein the processing circuitry and the interface circuitry are further configured to: based on determining that the first identifier is not stored locally, send, to an anchor function for authentication and key management for applications (AAnF) in the communication network, a key request for the security key (Kaf) that includes one of the following: a request for the first identifier of the UE, or the first identifier, retrieved from a unified data management function (UDM) of the communication network; and receive from the AAnF a response that includes the security key (Kaf) and one of the following: the first identifier, or a response code associated with the first identifier. Guo discloses wherein the processing circuitry and the interface circuitry are further configured to: based on determining that the first identifier is not stored locally (in other words, determining that it does not have the UE specific KAKMA ID; see paragraph [0137]), send, to an anchor function for authentication and key management for applications (AAnF) in the communication network, a key request for the security key (Kaf) that includes one of the following: a request for the first identifier of the UE (see paragraphs [0137]-[0138]), or the first identifier, retrieved from a unified data management function (UDM) of the communication network; and receive from the AAnF a response that includes the security key (Kaf) and one of the following: the first identifier, or a response code associated with the first identifier (see paragraphs [0137]-[0138]). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Guo’s invention with Lee’s invention for allowing more flexible UE scheduling as described throughout Guo.
Regarding Claim 47, Lee discloses the network equipment as described above.
Lee fails to disclose wherein when the first identifier is included in the key request to the AAnF, the response code indicates that the first identifier matches an identifier of the UE that is stored in the AAnF. Guo discloses wherein when the first identifier is included in the key request to the AAnF, the response code indicates that the first identifier matches an identifier of the UE that is stored in the AAnF (see paragraphs [0139]-[0141]). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Guo’s invention with Lee’s invention for allowing more flexible UE scheduling as described throughout Guo.
Regarding Claim 50, Lee discloses the network equipment wherein: the
processing circuitry and the interface circuitry are further configured to, in response to the request for the first identifier in the key request, determine whether the first identifier is available to the AF; the response to the AF includes the first identifier, when the first identifier is determined to be available to the AF (see paragraphs [0168]-[0169]) as described above. Lee fails to disclose the response to the AF includes a response code instead of the first identifier, when the first identifier is determined to be unavailable to the AF. Guo discloses the response to the AF includes a response code instead of the first identifier, when the first identifier is determined to be unavailable to the AF (see paragraph [0141]). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Guo’s invention with Lee’s invention for allowing more flexible UE scheduling as described throughout Guo.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHANTELL LAKETA HEIBER whose telephone number is (571)272-0886. The examiner can normally be reached on M-F from 9am to 5pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Anthony Addy, can be reached at telephone number (571)272-0886. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from Patent Center. Status information for published applications may be obtained from Patent Center. Status information for unpublished applications is available through Patent Center for authorized users only. Should you have questions about access to Patent Center, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated- interview-request-air-form.
/SHANTELL L HEIBER/Primary Examiner, Art Unit 2645
June 2, 2026